[NT] Novell GroupWise Information Disclosure

From: SecuriTeam <support@xxxxxxxxxxxxxx>
Date: 4 Jul 2006 14:06:20 +0200

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html

- - - - - - - - -

Novell GroupWise Information Disclosure
------------------------------------------------------------------------

SUMMARY

" <http://www.novell.com/products/groupwise/> Novell GroupWise is a
complete collaboration software solution that provides information workers
with e-mail, calendaring, instant messaging, task management, and contact
and document management functions. "

Improper API function design allows attackers to gain information on users
using Novell GroupWise.

DETAILS

Vulnerable Systems:
* Novell GroupWise version 5.x
* Novell GroupWise version 6.0
* Novell GroupWise version 6.5
* Novell GroupWise version 7
* Novell GroupWise version 32-bit Client

Immune Systems:
* GroupWise version 7 SP1
* GroupWise version 6.5 SP6 Client Update 1

A security vulnerability exists in the GroupWise Windows Client API that
can allow random programmatic access to non-authorized email within the
same authenticated post office.

Vendor Status:
The vendor has issued a patch:

* GroupWise 6.5: <http://support.novell.com/filefinder/16963/index.html>
http://support.novell.com/filefinder/16963/index.html
* GroupWise 7: <http://support.novell.com/filefinder/20641/index.html>
http://support.novell.com/filefinder/20641/index.html

CVE Information:
<http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3268>
CVE-2006-3268

ADDITIONAL INFORMATION

The information has been provided by <mailto:jshort@xxxxxxxxxx> Jim
Short.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@xxxxxxxxxxxxxx
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@xxxxxxxxxxxxxx

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

Prev by Date: [UNIX] Stud.IP File Inclusion
Next by Date: [NEWS] Apple iTunes AAC File Parsing Integer Overflow
Previous by thread: [UNIX] Stud.IP File Inclusion
Next by thread: [NEWS] Apple iTunes AAC File Parsing Integer Overflow
Index(es):
- Date
- Thread

Relevant Pages

[NT] Novell GroupWise Authentication Bypass
... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Novell GroupWise Authentication Bypass ... 19 Jun 2006) and lock out older Windows clients via ConsoleOne. ...
(Securiteam)
[NEWS] GroupWise WebAccess File Disclosure (GWAPACHE.CONF)
... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... and 6.5 WebAccess that could allow unauthorized access to the WebAccess ... WebAccess on NetWare using the Apache 1.3x web server and where Apache is ... * Novell GroupWise 6 WebAccess ...
(Securiteam)
[EXPL] phpBB Remote PHP Code Execution (viewtopic.php 2)
... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... The following exploit code utilizes a vulnerability in phpBB to cause ... This bulletin is sent to members of the SecuriTeam mailing list. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
(Securiteam)
[EXPL] TinyWeb Server DoS Exploit
... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... The information in this bulletin is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
(Securiteam)
[EXPL] 3Com FTP Server Buffer Overflow (CD)
... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... overflow in its parsing of the 'CD' command. ... The information in this bulletin is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
(Securiteam)